Current Series Release Notes

27.0.0-49

New Features

  • Adds a schema validation framework to the API. This allows for the validation of incoming requests and outgoing responses against a JSON schema, right at the beginning and end of the request processing pipeline.

  • Adds support for setting disable_power_off on node creation along with set/unset disable_power_off on existing nodes. If set to true, power off for the node is explicitly disabled, instead, a reboot will be used in place of power on/off. Additionally, when possible, the node will be disabled (i.e., its API agent will be rendered unusable and network configurationwill be removed) instead of being powered off.

Upgrade Notes

  • The configuration option fatal_exception_format_errors has been removed from the [DEFAULT] group.

  • The ironic-lib library has been retired and is no longer required for operation of Ironic.

  • If you upgrade while running a redfish interface based BIOS job, you job may not complete due to a change in the internal state variables stored. Ensure none of these operations are in flight when upgrading.

Deprecation Notes

  • The configuration option fatal_exception_format_errors is deprecated from [ironic_lib] group and should be migrated to the [errors]/fatal_exception_format_errors. The old location [ironic_lib]/fatal_exception_format_errors will be respected during the deprecation period.

Bug Fixes

  • The image format inspection and image safety check have been disabled for ISO images cached by Ironic. The feature has been disabled in order to fix issues originally described in bug 2091611. On occasion Ironic has detected multiple image formats for ISO image that contained GPT, the issue originated from the fact that by default the oslo_utils.imageutils library handles the GPT partition table format as additional image format but allows only 1 image format for each image and throws an error if it detects gpt+iso. As the image inspection and safety check was intended to fix a security problem related to qemu-img-tools and qcow images, it has been decided that the inspection and safety check can be disabled ISO images without degrading Ironic’s security.

  • Fixes an issue where operators executing complex arrangement of steps which include out-of-band and in-band steps, for example a hardware RAID create_configuration step followed by in-band steps inside of the agent, would effectively get the agent stuck in a wait state in the Cleaning, Servicing, or Deploying workflows. This was related to the way out-of-band steps are executed and monitored. Ironic, before starting to execute a new step, now cleans the polling lockout flag for the respective workflow being executed to prevent the agent from getting stuck. For more information, please see bug 2096938.

  • Fixes the power handling flow as it relates to child nodes, i.e. bare metal nodes which have a parent_node set, such that power is turned off on those nodes when the parent node is powered off, and that power is turned on for the parent node when the child node is explicitly requested to be in a power on state. This does not apply if the child node device has a dedicated power supply, as indicated through a driver_info parameter named has_dedicated_power_supply which can be set to a value of “true”.

  • The fix for CVE-2024-47211 results in image checksum being required in all cases. However there is no checksum requirement for file:// based images. When checksum is missing for file:// based image_source it is now calculated on-the-fly.

  • Fix portgroup deletion failure by resolving id/uuid mix-up and adding a port-to-portgroup join query.

  • Update the node cache after a successful servicing and cleaning. This ensures the node information is correctly updated in the database.

27.0.0

New Features

  • A new module, ironic.wsgi has been enabled as an entrypoint for WSGI runners. For example, if using uWSGI then now instead of:

    [uwsgi]
wsgi-file = /bin/ironic-api-wsgi

    You can now use:

    [uwsgi]
module = ironic.wsgi:application

    Legacy installed wsgi scripts will be removed in a future version of Ironic.

Upgrade Notes

  • Because of the code reorganization, some metrics have been removed: all metrics prefixed with AgentDeployMixin are now prefixed with CustomAgentDeploy or AgentDeploy instead.

  • Deployers using PostgreSQL must migrate to a supported mysql-compatible database, such as MySQL or MariaDB.

  • Support for Python 3.8 has been removed. Now the minimum python version supported is 3.9 .

Deprecation Notes

  • Use of postgresql has been deprecated for all OpenStack projects, including ironic, for several years. However, in an effort to avoid breaking existing installs, we had tested database migrations and performed a basic functionality test against PostgreSQL. This test has now been removed, and operators deployed on PostgreSQL must migrate to a MySQL-compatible database, such as MySQL or MariaDB, before upgrade.

Security Issues

  • An issue in Ironic has been resolved where image checksums would not be checked prior to the conversion of an image to a raw format image from another image format.

    With default settings, this normally would not take place, however the image_download_source option, which is available to be set at a node level for a single deployment, by default for that baremetal node in all cases, or via the [agent]image_download_source configuration option when set to local. By default, this setting is http.

    This was in concert with the [DEFAULT]force_raw_images when set to True, which caused Ironic to download and convert the file.

    In a fully integrated context of Ironic’s use in a larger OpenStack deployment, where images are coming from the Glance image service, the previous pattern was not problematic. The overall issue was introduced as a result of the capability to supply, cache, and convert a disk image provided as a URL by an authenticated user.

    Ironic will now validate the user supplied checksum prior to image conversion on the conductor. This can be disabled using the [conductor]disable_file_checksum configuration option.

Bug Fixes

  • The set of strings used to detect cipher suite version related errors in the ipmitool command was expanded. If the string Error in open session response message : invalid role is contained in the output of a failed ipmitool command execution, such error will be now considered as related to inappropriate ciphers too, and will be retried with another cipher suite version if Ironic is configured to do so. See bug 2085137 for more details.

  • Fixes the policy scope checking for the RBAC Policy baremetal:node:disable_cleaning, which previously restricted to system user scope. The scope restriction has been revised to permit project scoped matching, but the default RBAC policy has not been revised.

  • Fixes a security issue where Ironic would fail to checksum disk image files it downloads when Ironic had been requested to download and convert the image to a raw image format. This required the image_download_source to be explicitly set to local, which is not the default.

    This fix can be disabled by setting [conductor]disable_file_checksum to True, however this option will be removed in new major Ironic releases.

    As a result of this, parity has been introduced to align Ironic to Ironic-Python-Agent’s support for checksums used by standalone users of Ironic. This includes support for remote checksum files to be supplied by URL, in order to prevent breaking existing users which may have inadvertently been leveraging the prior code path. This support can be disabled by setting [conductor]disable_support_for_checksum_files to True.

  • Fixes newly added policy rules, baremetal:node:set_provision_state:clean_steps and baremetal:node:set_provision_state:service_steps``which impacted ``project scoped users utilizing the 2024.2 release of Ironic where they were attempting to invoke service or clean provision state commands. This was due to a misunderstanding of the correct policy checker to invoke, and additional testing has been added around these functions to ensure they work as expected moving forward.

  • Fix issue on SQLite database usage. Previously ironic node provisioning may fail with error related accessing the hostname. For more details please see bug 2086682.

  • Fixes aborting in-band inspection. Previously, it would fail with Can not transition from state 'inspect failed' on event 'abort'.

  • The configuration option [inspector]power_off is now actually ignored for nodes with fast track enabled, as documented in its help.

  • Fixes the built-in in-band inspection implementation to power off the node after aborting inspection on user’s request, unless the node is in the fast track mode or [inspector]power_off is set to False.

  • Adds a timeout to the service wait state. Previously, a node stuck in this state would remain in it forever. The timeout value can be adjusted via the new option [conductor]service_callback_timeout.

  • Add support for passing either a node’s name or UUID through the ‘node_ident’ parameter during port creation. The ‘node_uuid’ parameter is now deprecated.

Other Notes

  • The AgentDeployMixin class has been removed from agent_base.py. Third-party deploy interfaces that inherit it most probably want to inherit ironic.drivers.modules.agent.CustomAgentDeploy instead.

    If you rely on the prepare_instance_to_boot or configure_local_boot helper methods, inherit from AgentDeploy instead.